BradNut/sveltekit-auth-cookies
1
0
Fork 0
mirror of https://github.com/BradNut/sveltekit-auth-cookies synced 2025-09-08 17:40:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Initial commit, scaffold and base login with cookies.

Browse source
This commit is contained in:
Bradley Shellnut 2022-05-12 19:47:04 -07:00
commit 4672da6f4a
24 changed files with 3591 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
.eslintrc.cjs Normal file
View file

@ -0,0 +1,20 @@
module.exports = {
root: true,
parser: '@typescript-eslint/parser',
extends: ['eslint:recommended', 'plugin:@typescript-eslint/recommended', 'prettier'],
plugins: ['svelte3', '@typescript-eslint'],
ignorePatterns: ['*.cjs'],
overrides: [{ files: ['*.svelte'], processor: 'svelte3/svelte3' }],
settings: {
'svelte3/typescript': () => require('typescript')
},
parserOptions: {
sourceType: 'module',
ecmaVersion: 2020
},
env: {
browser: true,
es2017: true,
node: true
}
};

8
.gitignore vendored Normal file
View file

@ -0,0 +1,8 @@
.DS_Store
node_modules
/build
/.svelte-kit
/package
.env
.env.*
!.env.example

1
.npmrc Normal file
View file

@ -0,0 +1 @@
engine-strict=true

6
.prettierrc Normal file
View file

@ -0,0 +1,6 @@
{
"useTabs": true,
"singleQuote": true,
"trailingComma": "none",
"printWidth": 100
}

38
README.md Normal file
View file

@ -0,0 +1,38 @@
# create-svelte
Everything you need to build a Svelte project, powered by [`create-svelte`](https://github.com/sveltejs/kit/tree/master/packages/create-svelte).
## Creating a project
If you're seeing this, you've probably already done this step. Congrats!
```bash
# create a new project in the current directory
npm init svelte
# create a new project in my-app
npm init svelte my-app
```
## Developing
Once you've created a project and installed dependencies with `npm install` (or `pnpm install` or `yarn`), start a development server:
```bash
npm run dev
# or start the server and open the app in a new browser tab
npm run dev -- --open
```
## Building
To create a production version of your app:
```bash
npm run build
```
You can preview the production build with `npm run preview`.
> To deploy your app, you may need to install an [adapter](https://kit.svelte.dev/docs/adapters) for your target environment.

41
package.json Normal file
View file

@ -0,0 +1,41 @@
{
"name": "sveltekit-auth-cookies",
"version": "0.0.1",
"scripts": {
"dev": "svelte-kit dev",
"build": "svelte-kit build",
"package": "svelte-kit package",
"preview": "svelte-kit preview",
"prepare": "svelte-kit sync",
"test": "playwright test",
"check": "svelte-check --tsconfig ./tsconfig.json",
"check:watch": "svelte-check --tsconfig ./tsconfig.json --watch",
"lint": "prettier --ignore-path .gitignore --check --plugin-search-dir=. . && eslint --ignore-path .gitignore .",
"format": "prettier --ignore-path .gitignore --write --plugin-search-dir=. ."
},
"devDependencies": {
"@playwright/test": "^1.21.0",
"@sveltejs/adapter-auto": "next",
"@sveltejs/kit": "next",
"@types/bcrypt": "^5.0.0",
"@types/cookie": "^0.5.1",
"@typescript-eslint/eslint-plugin": "^5.10.1",
"@typescript-eslint/parser": "^5.10.1",
"eslint": "^8.12.0",
"eslint-config-prettier": "^8.3.0",
"eslint-plugin-svelte3": "^4.0.0",
"prettier": "^2.5.1",
"prettier-plugin-svelte": "^2.5.0",
"svelte": "^3.44.0",
"svelte-check": "^2.2.6",
"svelte-preprocess": "^4.10.1",
"tslib": "^2.3.1",
"typescript": "~4.6.2"
},
"type": "module",
"dependencies": {
"@prisma/client": "^3.14.0",
"bcrypt": "^5.0.1",
"cookie": "^0.5.0"
}
}

10
playwright.config.ts Normal file
View file

@ -0,0 +1,10 @@
import type { PlaywrightTestConfig } from '@playwright/test';
const config: PlaywrightTestConfig = {
webServer: {
command: 'npm run build && npm run preview',
port: 3000
}
};
export default config;

3053
pnpm-lock.yaml Normal file
View file

File diff suppressed because it is too large Load diff

BIN
prisma/dev.db Normal file
View file

Binary file not shown.

19
prisma/schema.prisma Normal file
View file

@ -0,0 +1,19 @@
// This is your Prisma schema file,
// learn more about it in the docs: https://pris.ly/d/prisma-schema
generator client {
provider = "prisma-client-js"
}
datasource db {
provider = "sqlite"
url = env("DATABASE_URL")
}
model User {
id String @id @default(uuid())
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
username String @unique
passwordHash String
}

10
src/app.d.ts vendored Normal file
View file

@ -0,0 +1,10 @@
/// <reference types="@sveltejs/kit" />
// See https://kit.svelte.dev/docs/types#app
// for information about these interfaces
declare namespace App {
// interface Locals {}
// interface Platform {}
// interface Session {}
// interface Stuff {}
}

77
src/app.html Normal file
View file

@ -0,0 +1,77 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta
name="viewport"
content="width=device-width, initial-scale=1"
/>
<link rel="icon" href="https://fav.farm/🍪" />
<style>
body {
padding: 1rem;
font-family: sans-serif;
color: hsl(220 20% 98%);
background-color: hsl(220 20% 10%);
}
form {
margin: 2rem 0;
display: grid;
justify-content: start;
row-gap: 1rem;
}
label {
display: block;
margin-bottom: 0.4rem;
color: hsl(220 20% 80%);
}
input,
button {
padding: 1rem;
font: inherit;
color: inherit;
background-color: hsl(220 20% 20%);
border: none;
border-radius: 1rem;
border: 1px solid hsl(220 20% 28%);
}
button {
margin-top: 0.4rem;
font-weight: 700;
cursor: pointer;
max-width: 140px;
}
nav {
display: flex;
gap: 1rem;
margin-bottom: 2rem;
}
a {
color: inherit;
}
nav a {
font-weight: 700;
text-decoration: none;
}
nav a:hover {
text-decoration: underline;
}
.error {
font-weight: 700;
}
</style>
%svelte.head%
</head>
<body>
<div>%svelte.body%</div>
</body>
</html>

15
src/lib/api.ts Normal file
View file

@ -0,0 +1,15 @@
type Send = Promise<{
error?: string
success?: string
user?: { username: string }
}>
export async function send(form: HTMLFormElement): Send {
const response = await fetch(form.action, {
method: form.method,
body: new FormData(form),
headers: { accept: 'application/json' }
})
return await response.json()
}

3
src/lib/database.ts Normal file
View file

@ -0,0 +1,3 @@
import prisma from '@prisma/client'
export const db = new prisma.PrismaClient()

14
src/routes/__layout.svelte Normal file
View file

@ -0,0 +1,14 @@
<svelte:head>
<title>SvelteKit Auth</title>
</svelte:head>
<nav>
<a href="/">Home</a>
<a href="/auth/login">Login</a>
<a href="/auth/register">Register</a>
<a href="/protected">Admin</a>
<a href="/auth/logout">Log out</a>
</nav>
<slot />

57
src/routes/auth/login/index.svelte Normal file
View file

@ -0,0 +1,57 @@
<script lang="ts">
import { session } from '$app/stores'
import { send } from '$lib/api'
export let error: string
async function login(event: SubmitEvent) {
const formEl = event.target as HTMLFormElement
const response = await send(formEl)
if (response.error) {
error = response.error
}
$session.user = response.user
formEl.reset()
}
</script>
<form
on:submit|preventDefault={login}
method="post"
autocomplete="off"
>
<div>
<label for="username">Username</label>
<input
id="username"
name="username"
type="username"
required
/>
</div>
<div>
<label for="password">Password</label>
<input
id="password"
name="password"
type="password"
required
/>
</div>
{#if error}
<p class="error">{error}</p>
{/if}
<button type="submit">Sign In</button>
</form>
<style>
.error {
color: tomato;
}
</style>

75
src/routes/auth/login/login.ts Normal file
View file

@ -0,0 +1,75 @@
import type { RequestHandler } from '@sveltejs/kit'
import * as bcrypt from 'bcrypt'
import * as cookie from 'cookie'
import { db } from '$lib/database'
export const post: RequestHandler = async ({ request }) => {
const form = await request.formData()
const username = form.get('username')
console.log('username', username);
const password = form.get('password')
console.log('password', password);
if (
typeof username !== 'string' ||
typeof password !== 'string'
) {
return {
status: 400,
body: {
error: 'Enter a valid username and password.',
},
}
}
if (!username || !password) {
return {
status: 400,
body: {
error: 'Username and password is required.',
},
}
}
const user = await db.user.findUnique({
where: { username },
})
const passwordMatch =
user &&
(await bcrypt.compare(password, user.passwordHash))
if (!user || !passwordMatch) {
return {
status: 400,
body: {
error: 'You entered the wrong credentials.',
},
}
}
return {
status: 200,
body: {
// for updating the session on the client
user: { username },
success: 'Success.',
},
headers: {
'Set-Cookie': cookie.serialize('session', user.id, {
// send cookie for every page
path: '/',
// server side only cookie so you can't use `document.cookie`
httpOnly: true,
// only requests from same site can send cookies
// and serves to protect from CSRF
// https://developer.mozilla.org/en-US/docs/Glossary/CSRF
sameSite: 'strict',
// only sent over HTTPS
secure: process.env.NODE_ENV === 'production',
// set cookie to expire after a month
maxAge: 60 * 60 * 24 * 30,
}),
},
}
}

55
src/routes/auth/register/index.svelte Normal file
View file

@ -0,0 +1,55 @@
<script type="ts">
import {send} from '$lib/api';
export let error: string;
export let success: string;
async function register(event: SubmitEvent) {
error = ''
const formEl = event.target as HTMLFormElement
const response = await send(formEl)
if (response.error) {
error = response.error
}
if (response.success) {
success = response.success
}
formEl.reset()
}
</script>
<form on:submit|preventDefault={register} method="post" autocomplete="off">
<div>
<label for="username">Username
<input id="username" name="username" type="text" required />
</label>
</div>
<div>
<label for="password">Password
<input id="password" name="password" type="password" required />
</label>
</div>
{#if error}
<p class="error">{error}</p>
{/if}
{#if success}
<div>
<p>Thank you for signing up!</p>
<p><a href="/auth/login">You can log in.</a></p>
</div>
{/if}
<button type="submit">Sign Up</button>
</form>
<style>
.error {
color: tomato;
}
</style>

50
src/routes/auth/register/index.ts Normal file
View file

@ -0,0 +1,50 @@
import type { RequestHandler } from "@sveltejs/kit"
import * as bcrypt from 'bcrypt';
import { db } from "$lib/database"
export const post: RequestHandler = async ({request}) => {
const form = await request.formData()
const username = form.get('username')
const password = form.get('password')
if (typeof username !== 'string' || typeof password !== 'string') {
return {
status: 400,
body: {
error: 'Something went horribly wrong.'
}
}
}
if (!username || !password) {
return {
status: 400,
body: {
error: 'Username and password are required'
}
}
}
try {
await db.user.create({
data: {
username,
passwordHash: await bcrypt.hash(password, 10),
}
})
return {
status: 200,
body: { success: 'Success.' }
}
} catch (error) {
return {
status: 400,
body: {
error: 'User already exists.'
}
}
}
}

1
src/routes/index.svelte Normal file
View file

@ -0,0 +1 @@
<h1>Public</h1>

BIN
static/favicon.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 1.5 KiB

15
svelte.config.js Normal file
View file

@ -0,0 +1,15 @@
import adapter from '@sveltejs/adapter-auto';
import preprocess from 'svelte-preprocess';
/** @type {import('@sveltejs/kit').Config} */
const config = {
// Consult https://github.com/sveltejs/svelte-preprocess
// for more information about preprocessors
preprocess: preprocess(),
kit: {
adapter: adapter()
}
};
export default config;

6
tests/test.ts Normal file
View file

@ -0,0 +1,6 @@
import { expect, test } from '@playwright/test';
test('index page has expected h1', async ({ page }) => {
await page.goto('/');
expect(await page.textContent('h1')).toBe('Welcome to SvelteKit');
});

17
tsconfig.json Normal file
View file

@ -0,0 +1,17 @@
{
"extends": "./.svelte-kit/tsconfig.json",
"compilerOptions": {
"allowJs": true,
"checkJs": true,
"esModuleInterop": true,
"forceConsistentCasingInFileNames": true,
"lib": ["es2020", "DOM"],
"moduleResolution": "node",
"module": "es2020",
"resolveJsonModule": true,
"skipLibCheck": true,
"sourceMap": true,
"strict": true,
"target": "es2020"
}
}